通过 ajax 提交表单时出现 SQL 错误

首先，让我们总结一下 HTML 数据。

<div class="message"></div>
<form action="subscribe.php" name="subscribeForm">
<input type="email" name="emailsub" minlength="7" size="40" placeholder="Enter your email here.."><br><br>
<select name="medium">
<option value="">Select Medium</option>
<option value="english">English</option>
<option value="hindi">Hindi</option>
<option value="japanese">Japanese</option>
</select>
<br><br>
<select name="country">
<option value="">Select Country</option>
<option value="India">India</option>
<option value="USA">USA</option>
<option value="Japan">Japan</option>
</select><br><br>
<input type="submit" id="action"> 
</form>

下面的 AJAX 代码采用表单详细信息并发送给subscribe.php。请注意，下面的document.subscribeForm采用表单字段变量并存储在表单中。为此，只有 HTML 部分中name值就足够了。因此，我没有在 HTML 表单字段中添加任何id字段。

$('#action').click(function() { 
var form = document.subscribeForm;
var dataString = $(form).serialize();
$.ajax({
type: 'POST',
url: $(form).attr("action"),
data: dataString,
beforeSend: function(){
$('.message').hide();
$("#action").val('Please wait...');
},
success: function(data){
$('.message').html(data).fadeIn();
}
});
return false;
});

一旦数据被发送到subscribe.php，现在是时候处理它了。

// Storing data in variables
$email = (!empty($_POST['emailsub'])?$_POST['emailsub']:null;
$medium = (!empty($_POST['medium'])?$_POST['medium']:null;
$country = (!empty($_POST['country'])?$_POST['country']:null;
if($_POST){
// Check if email submitted is empty or not. If yes, script will stop executing further.
if($email == null){
echo "Email is required";
exit();
}
// Check if medium submitted is empty or not. If yes, script will stop executing further.
if($medium == null){
echo "Medium is required";
exit();
}
// Check if country submitted is empty or not. If yes, script will stop executing further.
if($country == null){
echo "Country is required";
exit();
}
// All checks cleared. Process the data.
//Using MySQLi
$stmt = $con->prepare("INSERT INTO emailsubscribe(email, medium, country)VAlUES(?,?,?)"); // Use prepared statements. 
$stmt-> bind_param($email, $medium, $country);
$stmt-> execute();
// Using PDO (Better: A big bonus is that you can use a readable `:name` instead of confusing `?`)
$stmt = $con->prepare("INSERT INTO emailsubscribe(email, medium, country)VAlUES(:email, :medium, :country)"); // Use prepared statements. 
$stmt-> bindValue(':email', $email);
$stmt-> bindValue(':medium', $medium);
$stmt-> bindValue(':country', $country);
$stmt-> execute();
// Echo Message
if($stmt){
echo "Success";
}else{
echo "Error";
}
}

这是您应该如何处理表单的正确方法。

首先，我在您的表格中没有看到任何媒介或国家作为输入。所以我改变了你的 HTML 代码

$('#formoid').on('submit', function() {
$.ajax({
type: "POST",
url: "subscribe.php",
data: $(this).serialize(),
success: function(response) {
$(this).hide(); //sets css display:none to form
var message = "Thank you!";
$('.container-fluid').html(message);
}
});
});

<form action="subscribe.php" title="" method="post" id="formoid">
<input type="email" id="emailsub" name="email" minlength="7" size="40" placeholder="Enter your email here.." required><br><br>
<input type="text" id="" name="medium" size="40" placeholder="Enter here.." required>
<input type="text" id="" name="country" size="40" placeholder="Enter here.." required>
<input type="submit">
</form>

然后在您的subscribe.php执行以下操作。请注意，我刚刚复制了您的确切SQL代码。使用预准备语句或 PDO 来避免 SQL 注入

$qry = mysqli_query($con,"INSERT into `emailsubscribe` (email,medium,country) value ('".$_POST['email']."','".$_POST['medium']."','".$_POST['country']."')");